[Openswan Users] roadwarrior with PSK

Sir Thomas secureth at gmail.com
Fri May 29 05:19:18 EDT 2009


Hello,

i try to established a connection between a openswan server and a
roadwarriors.
each roadwarrior have a static ip address and the server, too.
the roadwarriors have XP and use ShrewSoft VPN Client to connect. we use PSK
to authenticate.
we have installed Linux Openswan U2.6.14/K2.6.18-128.1.10.el5 (netkey) into
CentOS 5.0.
the ipsec.conf file is:
version 2.0
# basic configuration
config setup
protostack=netkey
nat_traversal=yes
    forwardcontrol=yes
    virtual_private=%v4:
10.0.0.0/24,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.200.0/24,%v4:!10.105.228.0/22
conn block
    auto=ignore

conn private
    auto=ignore

conn private-or-clear
    auto=ignore

conn clear-or-private
    auto=ignore

conn clear
    auto=ignore

conn packetdefault
    auto=ignore

include /etc/ipsec.d/*.conf

and each file of roadwarrior are:
conn madrid
        type=tunnel
        authby=secret
        leftsourceip=10.105.241.253
        left=<public_ip>
        leftsubnet=10.105.0.0/16
        right=<public_ip>
        rightsubnet=192.168.200.60/32
        auto=add
        esp=3des-md5
        pfs=no
        keyexchange=ike

conn murcia
        type=tunnel
        authby=secret
        leftsourceip=10.105.241.253
        left=<public_ip>
        leftsubnet=10.105.0.0/16
        right=<public_ip>
        rightsubnet=192.168.200.40/32
        auto=add
        esp=3des-md5
        pfs=no
        keyexchange=ike
  conn albacete
        type=tunnel
        authby=secret
        leftsourceip=10.105.241.253
        left=<public_ip>
        leftsubnet=10.105.0.0/16
        right=<public_ip>
        rightsubnet=192.168.200.50/32
        auto=add
        esp=3des-md5
        pfs=no
        keyexchange=ike

The roadwarrior can to established the tunnel and up the tunnel , but when
they try to connect more than two roadwarrior, one of them drop the tunnel.
Could someone help me?
thanks in advanced
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090529/2418de0f/attachment-0001.html 


More information about the Users mailing list